One of the most important issues impeding the widespread distribution of digital works (i.e. documents or other content in forms readable by computers), via electronic means, and the Internet in particular, is the current lack of ability to enforce the intellectual property rights of content owners during the distribution and use of digital works. Efforts to resolve this problem have been termed “Intellectual Property Rights Management” (“IPRM”), “Digital Property Rights Management” (“DPRM”), “Intellectual Property Management” (“IPM”), “Rights Management” (“RM”), and “Electronic Copyright Management” (“ECM”), collectively referred to as “Digital Rights Management (DRM)” herein. There are a number of issues to be considered in effecting a DRM System. For example, authentication, authorization, accounting, payment and financial clearing, rights specification, rights verification, rights enforcement, and document protection issues should be addressed. U.S. Pat. Nos. 5,530,235, 5,634,012, 5,715,403, 5,638,443, and 5,629,980, the disclosures of which are incorporated herein by reference, disclose DRM systems addressing these issues.
Two basic DRM schemes have been employed, secure containers and trusted systems. A “secure container” (or simply an encrypted document) offers a way to keep document contents encrypted until a set of authorization conditions are met and some copyright terms are honored (e.g., payment for use). After the various conditions and terms are verified with the document provider, the document is released to the user in clear form. Commercial products such as CRYPTOLOPES™ and DIGIBOXES™ fall into this category. Clearly, the secure container approach provides a solution to protecting the document during delivery over insecure channels, but does not provide any mechanism to prevent legitimate users from obtaining the clear document and then using and redistributing it in violation of content owners' intellectual property.
In the “trusted system” approach, the entire system is responsible for preventing unauthorized use and distribution of the document. Building a trusted system usually entails introducing new hardware such as a secure processor, secure storage and secure rendering devices. This also requires that all software applications that run on trusted systems be certified to be trusted. While building tamper-proof trusted systems is a real challenge to existing technologies, current market trends suggest that open and untrusted systems, such as PC's and workstations using browsers to access the Web, will be the dominant systems used to access digital works. In this sense, existing computing environments such as PC's and workstations equipped with popular operating systems (e.g., Windows™, Linux™, and UNIX) and rendering applications, such as browsers, are not trusted systems and cannot be made trusted without significantly altering their architectures. Of course, alteration of the architecture defeats a primary purpose of the Web, i.e. flexibility and compatibility.
As an example, U.S. Pat. No. 5,634,012, the disclosure of which is incorporated herein by reference, discloses a system for controlling the distribution of digital documents. Each rendering device has a repository associated therewith. A predetermined set of usage transaction steps define a protocol used by the repositories for enforcing usage rights. Usage rights define one or more manners of use of the associated document content and persist with the document content. The usage rights can permit various manners of use such as, viewing only, use once, distribution, and the like. Usage rights can be contingent on payment or other conditions. Further, a party may grant usage rights to others that are a subset of usage rights possessed by the party.
DRM systems have facilitated distribution of digital content by permitting the content owner to control use of the content. However, known business models for creating, distributing, and using digital content and other items involve a plurality of parties. For example, a content creator may sell content to a publisher who then authorizes a distributor to distribute content to an on-line storefront who then sells content to end-users. Further, the end users may desire to share or further distribute the content. In such a business model, usage rights can be given to each party in accordance with their role in the distribution chain. However, the parties do not have control over downstream parties unless they are privy to any transaction with the downstream parties in some way. For example, once the publisher noted above provides content to the distributor, the publisher cannot readily control rights granted to downstream parties, such as the first or subsequent users unless the publisher remains a party to the downstream transaction. This loss of control combined with the ever increasing complexity of distribution chains results in a situation, which hinders the distribution of digital content and other items. Further, the publisher may want to prohibit the distributor and/or the storefront from viewing or printing content while allowing an end user receiving a license from the storefront to view and print. Accordingly, the concept of simply granting rights to others that are a subset of possessed rights is not adequate for multi-party, i.e. multi-tier, distribution models.